Version: 3.12.18625
Release date: January 25, 2020
Latest update: Update 6
With Adaxes 2019.2 we continue adding great new features and introducing useful improvements to make the product even better. This release introduces another authentication factor for self-service password reset, two-factor authentication for Web Interface, auditing of sign-in activities and new notification capabilities for approval-based workflows.
We've added the option to use a mobile authenticator app as a verification method for self-service password reset. With this option enabled, users will be required to open the app on their mobile phone (or any other device) and enter the code displayed in the app to verify their identity.
Adaxes supports the following authenticator apps:
Unlike SMS messages, authenticator apps run locally on the user's device which means that verification codes can't be intercepted on the phone network, code generation is instant and does not require an Internet connection or mobile service.
We have also improved the user experience during enrollment for password self-service. We have made it a step-by-step process with clear and simple instructions that are easy to follow. To make sure mobile phone numbers are entered correctly, we have added an SMS verification step to it.
We've added the ability to use time-based one-time password verification (via Google Authenticator and other similar apps) as an authentication factor for the Username/Password authentication type in the Web Interface. If enabled, the user will need to install the app on their device and activate it upon the first login. During subsequent logins, after entering their credentials, the user will be asked to enter a code generated by the authenticator app to sign in to the Web Interface.
Starting from the new version, Adaxes will log all user logins to the Web Interface and Web Interface Configurator. It will allow you to track who logs in, who fails to log in, from which host, to which Web Interface, when, etc.
Now Adaxes will send an email notification to the user who initiated an operation that was submitted for approval, approved but executed with errors. The subject, header and footer of the email notification can be customized according to your needs.
There are more improvements that go with the 2019.2 update. To check them out and see more details about the features described above, visit the dedicated What's New page.
Adaxes 2019.2 Update 6 extends the previous security update and addresses the same vulnerability. The previous fix can be bypassed, which was discovered recently. As a result, we've reinforced the fix by escaping all possible double quote characters ("„“”) when value references are resolved.
© Softerra 2020. All rights reserved.